Cybersecurity

U.S. efforts to promote its preferred norms for cyberspace—Internet openness, security, and free speech—suffered a significant setback in the summer of 2013 with the Snowden disclosures. Henry Farrell identifies three steps the United States can take to reinvigorate its norm-promotion efforts.

Writing in Foreign Policy, Emerson Brooking argues that, given ISIS’ strategically significant use of social media for recruiting and messaging, any comprehensive plan to defeat the terror network must also neutralize its online presence. He proposes the creation of a bounty system that would pay hacktivists in anonymized Bitcoin to flag ISIS social media accounts and disrupt its websites.

President Obama spoke at the White House Summit on Cybersecurity and Consumer Protection at Stanford on February 13, 2015. He announced a new executive order for private and government sectors to better share information about cyber threats.

Jay Rockefeller, the former chairman of the U.S. Senate Select Committee on Intelligence, will join the Council on Foreign Relations this month as a distinguished fellow. His research will cover Japan, East Asia, cybersecurity issues, and other topics. He will be based in CFR’s Washington, DC, office.

While Sony may have dominated the news toward the end of 2014, three major cyberattacks against U.S. companies shook the corporate world earlier this year: Target opened the year by announcing in January that hackers had stolen personal information from an estimated 110 million accounts; hackers accessed approximately 83 million J.P. Morgan Chase accounts in August; and Home Depot confirmed that its payment system was breached in September, compromising an estimated 56 million accounts. Here’s a look back at the details of each of those attacks, and how they affected the conversation about cybersecurity in the United States and the corporate sector.

Adam Segal, CFR senior fellow for China studies, and Scott A. Snyder, CFR senior fellow for Korea studies, discussed the cyberattack on Sony Pictures and the studio's decision to cancel its release of The Interview, a comedy that reportedly depicts the assassination of North Korean leader Kim Jong-un.

Adam Segal, CFR senior fellow for China studies, and Scott A. Snyder, CFR senior fellow for Korea studies, discussed the cyberattack on Sony Pictures and the studio's decision to cancel its release of The Interview, a comedy that reportedly depicts the assassination of North Korean leader Kim Jong-un.

The free flow of information across borders is essential for the modern economy, but a growing number of countries have erected restrictions curtailing a free and open Internet. Karen Kornbluh discusses what diplomatic and policy steps the United States can take to safeguard the free flow of information worldwide.

The Council on Foreign Relations (CFR) has launched Net Politics, a blog on cybersecurity, Internet governance, digital trade, and privacy. It will provide original insight, highlight notable research and analysis, and introduce new voices on the emerging politics of cyberspace.

The U.S. Department of Justice announced the indictment of five Chinese military hackers on May 19, 2014. Wang Dong, Sun Kailiang, Wen Xinyu, Huang Zhenyu, and Gu Chunhui were charged with computer hacking, economic espionage and other offenses directed at Americans in the nuclear power, metals, and solar products industries.

Thomas Rid ("Cyberwar and Peace," November/December 2013) describes cyberattacks as somehow separate from conventional warfare because they fail to meet all three of Clausewitz's definitions of war as violent, instrumental, and attributable to one side as an action taken for a political goal.

President Barack Obama ordered on February 12, 2013 that the U.S. government work with "owners and operators of critical infrastructure" to share information about cyber threats and attacks and to implement common cybersecurity standards. A year later, on February 12, 2014, the National Institute for Standards and Technology issued the framework for improving cybersecurity.

Annually, the Director of National Intelligence testifies before the Senate Select Committee on Intelligence and before the House Permanent Select Committee on Intelligence to discuss the current and potential threats to United States' security and priorities for the Department of Defense budget. The assessment usually covers terrorism threats, cyber attacks, counterintelligence, proliferation, mass atrocities, regional and country-by-country threats, and other state and non state intelligence threats such as health threats, water security and transnational crime.

Cyberwar Is Coming!" declared the title of a seminal 1993 article by the RAND Corporation analysts John Arquilla and David Ronfeldt, who argued that the nascent Internet would fundamentally transform warfare.